49% of security leaders in government, defense, and critical services cite ensuring data integrity and preventing tampering in transit as their single biggest challenge when transferring information across classified or coalition networks.

45% of security leaders in government, defense, and critical services cite managing identity and authentication across multiple domains as the biggest challenge to securing access to mission data.

78% of security leaders in government, defense, and critical services cite outdated infrastructure as a primary source of cyber vulnerability.

Only 38% of organizations over 20,000 employees actively pursuing CMMC 2.0 certification achieve top-tier encryption (76-100% coverage).

51% of all organizations actively pursuing CMMC 2.0 certification managing international data flows report increased complexity in policy development and control implementation.

Organizations without governance tracking show 5 percentage points higher rates of low-encryption outcomes (20% vs. 15%).

11% of organizations actively pursuing CMMC 2.0 certification are in Europe.

59% of mid-market firms (5,000-9,999 employees) actively pursuing CMMC 2.0 certification achieve top-tier encryption (76-100% coverage).

Only 56% of organizations have fully implemented end-to-end encryption for all sensitive data.

While 95% of organizations actively pursuing CMMC 2.0 certification track some governance tracking effectiveness metrics, only 38% have instituted comprehensive governance control and tracking systems.

Vendor compliance ranks as the second-highest challenge for the organizations actively pursuing CMMC 2.0 certification (scoring 73 out of 100).

39% of organizations actively pursuing CMMC 2.0 certification cite vendor compliance as a top concern. This is 7 percentage points higher than non-CMMC organizations.

Only 22% of organizations actively pursuing CMMC 2.0 certification implement contractual security requirements with suppliers. This is below the 27% industry average.

The challenge of data inventory accuracy affects 27% of organizations actively pursuing CMMC 2.0 certification. It ranks sixth among seven key challenges.

20% of organizations actively pursuing CMMC 2.0 certification are in Asia-Pacific.

7% of organizations actively pursuing CMMC 2.0 certification are in Middle East/Africa.

Just over half of organizations have centralized governance processes.

63% of organizations actively pursuing CMMC 2.0 certification are in North America.